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^J\ £y*z.jl\ &\ ^uj 



Firewall system 

<ulo ^^*j l^il ^UU ij<A ^t^ujclefult permit 

defult denies <>£*llj 
firewallJ J <j-ajL^k 4_^ jjiaJj ^jVj 

Always invoked 

Jjjjjlil! 
tamperproof 

types of firewall 

1-packet filtering 

ip or protocol J £ o^ j* ^ 

http J S^J ^-^ (J J 

virtual Ian J *j^ ^^ ja U$i 

O^ U^^ 1 J** U^^ u£^> V^ 6^.1 jll A£^ll (jl 

e jV SLuttf! a£uL11] di*jj Jjlo JjV! Aif^l! t> ^ jla 
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jtjj\ t djJJ?^ -^* ^J <-L^ J 3 -*^ t-^ 

^jj|^]| ^ic 7- J J >^'j (j^°^ 4j£juLq (Jj^a^J j£.A.<a LiA 

routing table ^ nexthop Jl j^>j 
2-stateful inspection firewall 

<ua V <SUj <SU ^^stateful W^t t> c^j ^W 
jUo lgJ£ ciij£U]| ( ^j% U$i.. j^jjj lg_u^j o^j*^ 

** * 

3-application proxy 

^jljjb AjjoUJ c^lla a > uJ ^lla jl jj£I j£JI ^^c L-^ljjiJ ^La 6^ 
A£^ll ^ JjL qxjj^ Aj3 jl jl 4%Jij j* j^JJj <lj*^ 
AjLxLaJI 6^)j ^^.Ij 2xLq jl A£jjudll (J^.lj .laJ C'\* n jj^c-j 

4j^*_aa]| 4jLoj^)]| jl ^'l" UJJJ^^jI 6 J^> •^■^ c *^*.U jjlc- 

2^1 destination^ c^IujI 

4-guard 

inside and outside Jl ^4j jl j£tj^ ^ ^ 

<uK dual j] <SjiiA Ua Ua V <K ^11*11 CjUIH* I jV^ua 
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Methods of attacks 
1-brute force and directionary 

brute force J 

dictionary attack Jl ^ 

guessing technique t^j J^jj^ ^j j* ls-^« 
^oli .i^lj (j£-<^ <jal j*l\ ^Uaj (>» ^b ^kl > jV <^U> Jjl 

(jV Jl>- (^c c_jjl^j ^lla ^ j 4_uIj 4_iLc J^u -Lik.1 

^£Uj l^£ Ul ^gJljjjli (jLudJ^l <_£J ^ij j^^° r?^-^ lA^° 
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2-Denial of service 

<0 j ^IjJ c5^ l>Lfc^U L^ J^*j jjli j!U 4j| ^^au 

l^lcljj JjJOLLoJj^)j]| cJJaXJ (j^-Q-Q (j^<^ 6^£ <--^J 

Vj <11xjuJ jlj^ll ^^lajjujj ^ol ci-acl y&A Uj^l ^ ^-^ 

flooding 
DOS J^ <&a\J ^** ^ J* 

distributed denial of service 

(Jx>c\ (j^-Q-Q (J^J^ C5"^"^ LW^ (j^- ^ ^5^ <^ P^^ ^" 

spoofing J^*j Ua Uli cihio ^Ijjj ^^ 
!M u^ Vj c>. £tLjd J! LS^id J! ci^ia U! j] Ua ^ 

distributed reflective denial of service 
control packet W^ update J ^*^ 
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A SYN flood 
^ Jj^3way hand check lUs i>bj%^ J^Lj 

Smurf attack 
unuseless data ^*^ j*j^ 

PING OF DEATH ATTACK 
buffer overflow W^ l^tij jSjjSII di£lj c^uj 

stream attack 

pOrtScJ^ C^xjIL ^^Jjca <_$! (j^l^L» <j4£W 

teardrop 

Jji^ill ^Ikj c>bugs J £ j^j^ 

land attack 
sync packet c> J& ^^^ ^Vl ^IjjI jJa^l j* 
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spoofing attack 

^jjij ^ J^tj jW^ £^mac J' J^jl cfi** ^ ^ 



Man in the middle 
interrupt lU^ u^° <j-^ <-* ^ j^ 

hijack attack 

jjjjj UAj <CL^.I^)J t fl \ > galj jA j j£t_g_l] a£joi1I t-<«v*i^ 



sniffer attack 

Spamming attack 

Q* j^ JjLaII ^ j ^Ij^ J^4?useless data ^*^? 
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crackers 

^"ijnil l ijj^ JjW^unauthorized o^^ 

IDs 

UjI <i$ji> ^U lU*^ ^j-a^i <ua j] ^firewall J ^ 

low level or es* ^AjAijraw data J ^j^ids 

hight 
-^ uj^ j^-low c^ Sprint j*l lU^ ^j jJ 

high J <-« <^j Jalo <^U <ua jl ^£IjI jlanalysis 

^reaction J ^?j level 



Types of ids 
signature level 

(J^.Aj L5 11\ (jl CL&jCj (JliLaj ^jjjUII (^-i*J AjjIj l— )b^.ba. aJj 

5 jl 4 U^ cJjSt <_A^ ^j^ aLi*jj i^\j* 3 i> j 2 ^ 

heuristic 
^JW Jj^^ll I^jj ^-jA^I ^Ui!)U|jst or model lU*^ 
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Host based ids 
oijpc Jl J^ W* ^j^j* j^activity J m^j^ 

network based ids J t> c>^ 



network based ids 

^jj&\ (Jc- h£ ^j^j* j^ activityJ ^j^ 





